• Inviting everyone who uses WordPress management tools in Plesk
    The Plesk team is conducting a 60-minute research session that includes an interview and a moderated usability test.
    To participate, please use this link .
    Your experience will help shape product decisions and ensure the tools better support real-world use cases.

domain hacked?

A

ACID25

Guest
Hi

on one of ouer servers we saw today ther load average is higher then normal. So we checked how could it happen and figure out that one domain must have a security hole
Code: 
  748 ?        S      0:00 sh -c (sleep 99999999999999;killall -9 udp) & CONSOLE=/dev/console SELINUX_INIT=YES MYSQL_UNIX_PORT=/var/lib/mysql/mysql.sock TERM=linux 
PERL5LIB=/usr/local/psa/lib/perl5/site_perl/5.8.3:/usr/local/psa/lib/perl5/site_perl/5.8.3/i386-linux-thread-multi OLDPWD
=/var/www/vhosts/sfachim.de/httpdocs INIT_VERSION=sysvinit-2.85 PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin runlevel=3 RUNLEVEL=3 PWD=/tmp 
LANG=en_US.UTF-8 previous=N PREVLEVEL=N PSA_RUN_MODE=1 SHLVL=7 OPENSSL_CONF=/usr/local/psa/admin/conf/openssl.cnf _=/usr/bin/perl
but we could not excalty figure out how it works....maybe anybody can explain we what happens there and how could we close this???

THX and best regards
ACID25
 
Hi


yes the domain was hacked through a unsecure php script...

regards
ACID25

thread can be closed!
 
You must log in or register to reply here.

Similar threads

Oscar Segura
Issue Upgrading from Ubuntu 20.04 to 22.04: failed reboot
Replies
0
Views
6K
Oscar Segura
Oscar Segura
tkalfaoglu
Resolved Strange error dump after CLI IP change operation
Replies
1
Views
1K
IgorG
IgorG
D
Issue Having a problem accessing perl on a website
Replies
2
Views
2K
Deleted member 174786
D
A
Issue /bin/bash(chrooted) SSH suddenly denied for all domains
Replies
3
Views
6K
AgBillings
A
D
Another backup problem : Plesk 11.0.9 #53
Replies
5
Views
3K
DereckB
D
Back
Top